Neither have I, because I tend to avoid Microsoft-certified hardware. 
You’ll have to go through the settings in your UEFI firmware setup utility in order to find the Microsoft authentication keys and then delete them. You can find information about that on the web ─ possibly even here at the forum, albeit that it may have been discussed at the old and now archived forum, which you can find here. 
http://archived.forum.manjaro.org/
The old forum crashed and the database was corrupted, so we had to start all over again in August of 2020, but the old forum remains available as a read-only archive.
Yes, and that is because of those authentication keys. As long as they are stored in your computer’s firmware settings, you won’t be able to turn off Secure Boot.